Receive articles and resources from the information risk management experts at FoxPointe.
By Jessica Ramirez Artificial intelligence (AI) has been a trending topic that we have been exploring and discussing as it continues to rapidly advance technologically. One thing to keep in mind as AI advances, is how this impacts professional settings. An organization must understand the advantages and disadvantages that AI...
This article was written by Chris Salone, CISA, CCSFP, MBA Computer Incident Notification Rule In the final quarter of 2021, the Federal Deposit Insurance Corporation (FDIC), the Board of Governors of the Federal Reserve System, and the Office of the Comptroller of the Currency (the agencies), issued a rule requiring...
By: Christopher Salone, CISA CCSFP, MBA This past year proved to be a year of rapid development for the cybersecurity and IT landscape. As new threats emerged, others continued to develop and evolve. Throughout the year, the FFIEC, in an effort to help its institutions combat these threats, issued new...
This blog was written and produced by Nick Cozzolino, CISSP, Director of Information Security at The Bonadio Group. FoxPointe Solutions is The Bonadio Group’s dedicated cybersecurity division. Looking to get in touch with Nick? Reach out today: Nick Cozzolino ncozzolino@bonadio.com. “Data is the new oil.” We have heard that frequently...
This blog was written and produced by Courtney Nist, Senior Security Consultant CHQP, CCSFP, at FoxPointe Solutions. Looking to get in touch with Courtney? Reach out today: Courtney Nist cnist@foxpointesolutions.com. SOC 2 + HITRUST CSF Report Based on the Verizon Data Breach Investigations Report of 2021, healthcare and outsourced service...
What is a SOC 1 Report A SOC 1 report, also known as the Statement on Standards for Attestation Engagements (SSAE) 18, focuses on a service organization’s controls that are likely to be relevant to an audit of a user entity’s (customer’s) financial statements. SOC 1 reports cover a service...
Cybersecurity Regulations Since the regulation came into effect in March 2019, the New York State Department of Financial Services (DFS) continues to strengthen the way that it enforces the Cybersecurity Regulation 23 NYCRR Part 500. With 23 distinct sections of the regulation, DFS requires a comprehensive cybersecurity program for “Covered...
As you were enjoying a cup of coffee the morning of December 18, 2020, you might have been arranging your Holiday plans or ordering a last-minute gift for a loved one. Or, perhaps, you’re part of the banking industry, and as part of your morning routine, you peruse various news...
In this day and age, the risk of cybersecurity threats is becoming a concerning topic for organizations. Reducing the risk of data breach has become a top priority for many businesses. When it comes to minimizing risk, an often-overlooked area is third-party risk. Many organizations include an initial vetting process...
On April 2, 2021, it was confirmed that a malicious user published the phone numbers and personal data of hundreds of millions of Facebook users for free online. The information, spanning from users across the globe, includes phone numbers, user IDs, full names, locations, birthdates, and some email addresses. A...